You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Fixed
CI workflow action SHAs (4 broken pins from the Stage A Wave 1 / Wave 3 SHA-pin sweep): trufflesecurity/trufflehog (34e114876b → 37b77001d0 / v3.95.3), actions/upload-pages-artifact (cd2ce8fc → 56afc609 / v3 — the previous SHA was actually deploy-pages@v5 on the wrong action), actions/deploy-pages (ddc015e5 → cd2ce8fc / v5 — previous SHA didn't exist), astral-sh/setup-uv (7b1f4a76 → caf0cab7 / v3 — previous SHA didn't exist).
v1.1.0 release-binaries workflow failed at Getting action download info because of the broken setup-uv pin; this patch lets the next release-binaries run actually build and upload the PyInstaller binaries for Windows + macOS.
Notes
No user-facing changes vs v1.1.0 — pure CI hygiene. PyPI / npm packages are byte-identical except for the version string. v1.1.0 remains valid and installable.
v1.1.0 GitHub Release page has the release notes; v1.1.0 PyInstaller binaries are unshipped — they ship attached to the v1.1.1 release once release-binaries.yml succeeds with the fixed setup-uv SHA.
